Bug 153070

Summary: [iOS Simulator WK1] ASSERT loading Blink layout test imported/web-platform-tests/mediacapture-streams/stream-api/mediastream/mediastream-idl.html
Product: WebKit
Reporter: Jiewen Tan <jiewen_tan>
Component: Media
Assignee: Eric Carlson <eric.carlson>
Status: RESOLVED FIXED
Severity: Normal
CC: aestes, commit-queue, ddkilzer, eric.carlson, jiewen_tan, joepeck, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Attachments:
Description            Flags
crashing testcase      none
Proposed patch.        none

Description Jiewen Tan 2016-01-13 10:36:41 PST
Created attachment 268878 [details]
crashing testcase

The test case will fail on Mac WK1 and crash on iOS-simulator WK1.
Crashed Thread:        3  WebThread

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x00000000bbadbeef
Exception Note:        EXC_CORPSE_NOTIFY

VM Regions Near 0xbbadbeef:
--> 
    __TEXT                 000000010d87e000-000000010d908000 [  552K] r-x/rwx SM=COW  /Users/USER/Library/Developer/CoreSimulator/Devices/491C435D-8C4D-4379-B905-BC329B464D0B/data/Containers/Bundle/Application/046F0D29-59B8-4C57-A14D-2C3AB962F1DB/DumpRenderTree0.app/DumpRenderTree

Application Specific Information:
CRASHING TEST: 150195/mediastream-idl.html
CoreSimulator 201.3 - Device: iPhone 5s WebKit Tester0 - Runtime: iOS 9.2 (13D11) - DeviceType: iPhone 5s

Thread 0:: Dispatch queue: com.apple.main-thread
0   libsystem_kernel.dylib        	0x000000011e2e7386 mach_msg_trap + 10
1   libsystem_kernel.dylib        	0x000000011e2e67c7 mach_msg + 55
2   com.apple.CoreFoundation      	0x000000010e391b64 __CFRunLoopServiceMachPort + 212
3   com.apple.CoreFoundation      	0x000000010e390fbf __CFRunLoopRun + 1295
4   com.apple.CoreFoundation      	0x000000010e390828 CFRunLoopRunSpecific + 488
5   DumpRenderTree                	0x000000010d8917a2 runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) + 6498 (DumpRenderTree.mm:2039)
6   DumpRenderTree                	0x000000010d88fdd3 runTestingServerLoop() + 323 (DumpRenderTree.mm:1189)
7   DumpRenderTree                	0x000000010d88f557 dumpRenderTree(int, char const**) + 823 (DumpRenderTree.mm:1298)
8   DumpRenderTree                	0x000000010d892092 -[DumpRenderTree _runDumpRenderTree] + 34 (DumpRenderTree.mm:1337)
9   com.apple.Foundation          	0x000000010ea7c067 __NSThreadPerformPerform + 283
10  com.apple.CoreFoundation      	0x000000010e39ba31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
11  com.apple.CoreFoundation      	0x000000010e3918d7 __CFRunLoopDoSources0 + 423
12  com.apple.CoreFoundation      	0x000000010e390e13 __CFRunLoopRun + 867
13  com.apple.CoreFoundation      	0x000000010e390828 CFRunLoopRunSpecific + 488
14  com.apple.GraphicsServices    	0x000000010ee9bad2 GSEventRunModal + 161
15  com.apple.UIKit               	0x000000010f439610 UIApplicationMain + 171
16  DumpRenderTree                	0x000000010d8928f9 DumpRenderTreeMain(int, char const**) + 137 (DumpRenderTree.mm:1433)
17  DumpRenderTree                	0x000000010d8e2032 main + 34 (DumpRenderTreeAppMain.mm:32)
18  libdyld.dylib                 	0x000000011dfad92d start + 1

Thread 1:: Dispatch queue: com.apple.libdispatch-manager
0   libsystem_kernel.dylib        	0x000000011e2edfde kevent64 + 10
1   libdispatch.dylib             	0x000000011df6e8c0 _dispatch_mgr_invoke + 260
2   libdispatch.dylib             	0x000000011df6e65a _dispatch_mgr_thread + 54

Thread 2:
0   libsystem_kernel.dylib        	0x000000011e2ed206 __semwait_signal + 10
1   libsystem_c.dylib             	0x000000011e074cab nanosleep + 199
2   libc++.1.dylib                	0x000000011db12100 std::__1::this_thread::sleep_for(std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000000000l> > const&) + 75
3   JavaScriptCore                	0x0000000119543bd6 void std::__1::this_thread::sleep_for<long long, std::__1::ratio<1l, 1000l> >(std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> > const&) + 1782 (thread:433)
4   JavaScriptCore                	0x0000000119540753 bmalloc::sleep(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >) + 195 (StaticMutex.h:65)
5   JavaScriptCore                	0x00000001195404ad bmalloc::waitUntilFalse(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >, bool&) + 61 (StaticMutex.h:72)
6   JavaScriptCore                	0x0000000119540409 bmalloc::Heap::scavenge(std::__1::unique_lock<bmalloc::StaticMutex>&, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000l> >) + 73 (Heap.cpp:92)
7   JavaScriptCore                	0x000000011953fe98 bmalloc::Heap::concurrentScavenge() + 104 (Heap.cpp:85)
8   JavaScriptCore                	0x0000000119545a32 bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>::threadRunLoop() + 1298 (AsyncTask.h:145)
9   JavaScriptCore                	0x00000001195454e5 bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>::threadEntryPoint(bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*) + 21 (AsyncTask.h:128)
10  JavaScriptCore                	0x0000000119547772 void* std::__1::__thread_proxy<std::__1::tuple<void (*)(bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*), bmalloc::AsyncTask<bmalloc::Heap, void (bmalloc::Heap::*)()>*> >(void*) + 418 (__functional_base:415)
11  libsystem_pthread.dylib       	0x000000011e2b1c13 _pthread_body + 131
12  libsystem_pthread.dylib       	0x000000011e2b1b90 _pthread_start + 168
13  libsystem_pthread.dylib       	0x000000011e2af375 thread_start + 13

Thread 3 Crashed:: WebThread
0   JavaScriptCore                	0x00000001194c1f77 WTFCrash + 39 (Assertions.cpp:321)
1   JavaScriptCore                	0x000000011950a679 WTF::RunLoop::main() + 57 (RunLoop.cpp:65)
2   com.apple.WebCore             	0x000000011212892d WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource() + 397 (MockRealtimeVideoSource.cpp:60)
3   com.apple.WebCore             	0x000000011212c32c WebCore::MockRealtimeVideoSourceMac::MockRealtimeVideoSourceMac() + 28 (MockRealtimeVideoSourceMac.mm:54)
4   com.apple.WebCore             	0x000000011212c305 WebCore::MockRealtimeVideoSourceMac::MockRealtimeVideoSourceMac() + 21 (MockRealtimeVideoSourceMac.mm:55)
5   com.apple.WebCore             	0x000000011212c278 WebCore::MockRealtimeVideoSource::create() + 56 (MockRealtimeVideoSourceMac.mm:49)
6   com.apple.WebCore             	0x0000000112124dbc WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints(WebCore::MediaStreamCreationClient*, WTF::RefPtr<WebCore::MediaConstraints>&, WTF::RefPtr<WebCore::MediaConstraints>&) + 428 (MockRealtimeMediaSourceCenter.cpp:95)
7   com.apple.WebCore             	0x0000000112bba262 WebCore::UserMediaRequest::start() + 82 (UserMediaRequest.cpp:121)
8   com.apple.WebCore             	0x0000000112bba08d WebCore::UserMediaRequest::start(WebCore::Document*, WebCore::Dictionary const&, WebCore::DOMPromise<WTF::RefPtr<WebCore::MediaStream>, WTF::RefPtr<WebCore::NavigatorUserMediaError> >&&, int&) + 557 (UserMediaRequest.cpp:92)
9   com.apple.WebCore             	0x0000000111fcc04a WebCore::MediaDevices::getUserMedia(WebCore::Dictionary const&, WebCore::DOMPromise<WTF::RefPtr<WebCore::MediaStream>, WTF::RefPtr<WebCore::NavigatorUserMediaError> >&&, int&) const + 74 (MediaDevices.cpp:69)
10  com.apple.WebCore             	0x0000000111b71328 WebCore::jsMediaDevicesPrototypeFunctionGetUserMediaFromJSPromise(JSC::ExecState*, JSC::JSPromiseDeferred*) + 712 (JSMediaDevices.cpp:167)
11  com.apple.WebCore             	0x0000000111865977 WebCore::callPromiseFunction(JSC::ExecState&, long long (*)(JSC::ExecState*, JSC::JSPromiseDeferred*)) + 71 (JSDOMPromise.h:65)
12  com.apple.WebCore             	0x0000000111b70cbc WebCore::jsMediaDevicesPrototypeFunctionGetUserMediaFromJS(JSC::ExecState*) + 28 (JSMediaDevices.cpp:150)
13  ???                           	0x0000039f740ee028 0 + 3983381815336
14  JavaScriptCore                	0x00000001191fbd33 llint_entry + 26847
15  JavaScriptCore                	0x00000001191fbd33 llint_entry + 26847
16  JavaScriptCore                	0x00000001191fc17b llint_entry + 27943
17  JavaScriptCore                	0x00000001191fbd33 llint_entry + 26847
18  JavaScriptCore                	0x00000001191f523e vmEntryToJavaScript + 334
19  JavaScriptCore                	0x000000011902c9d5 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 213 (JITCode.cpp:80)
20  JavaScriptCore                	0x0000000118ff7a07 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 4471 (Interpreter.cpp:973)
21  JavaScriptCore                	0x0000000118b23a11 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 465 (Completion.cpp:105)
22  com.apple.WebCore             	0x0000000111b669f5 WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 69 (JSMainThreadExecState.h:62)
23  com.apple.WebCore             	0x00000001126ac7f1 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&, WebCore::ExceptionDetails*) + 321 (ScriptController.cpp:164)
24  com.apple.WebCore             	0x00000001126ac94c WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&, WebCore::ExceptionDetails*) + 76 (ScriptController.cpp:180)
25  com.apple.WebCore             	0x00000001126bb485 WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 485 (ScriptElement.cpp:310)
26  com.apple.WebCore             	0x00000001126ba373 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 1731 (ScriptElement.cpp:241)
27  com.apple.WebCore             	0x0000000111529c50 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) + 352 (HTMLScriptRunner.cpp:304)
28  com.apple.WebCore             	0x0000000111529a69 WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) + 137 (HTMLScriptRunner.cpp:177)
29  com.apple.WebCore             	0x00000001114598c0 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 288 (HTMLDocumentParser.cpp:195)
30  com.apple.WebCore             	0x00000001114599c1 WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) + 177 (HTMLDocumentParser.cpp:214)
31  com.apple.WebCore             	0x0000000111458d51 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 385 (HTMLDocumentParser.cpp:252)
32  com.apple.WebCore             	0x0000000111458999 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) + 169 (HTMLDocumentParser.cpp:167)
33  com.apple.WebCore             	0x000000011145a9d6 WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution() + 374 (HTMLDocumentParser.cpp:488)
34  com.apple.WebCore             	0x000000011145adda WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 314 (HTMLDocumentParser.cpp:528)
35  com.apple.WebCore             	0x000000011145ae1f non-virtual thunk to WebCore::HTMLDocumentParser::notifyFinished(WebCore::CachedResource*) + 47 (HTMLDocumentParser.cpp:512)
36  com.apple.WebCore             	0x0000000110b8fa42 WebCore::CachedResource::checkNotify() + 130 (CachedResource.cpp:295)
37  com.apple.WebCore             	0x0000000110b8fb51 WebCore::CachedResource::finishLoading(WebCore::SharedBuffer*) + 49 (CachedResource.cpp:313)
38  com.apple.WebCore             	0x0000000110bae31e WebCore::CachedScript::finishLoading(WebCore::SharedBuffer*) + 126 (CachedScript.cpp:117)
39  com.apple.WebCore             	0x00000001128fb655 WebCore::SubresourceLoader::didFinishLoading(double) + 517 (SubresourceLoader.cpp:374)
40  com.apple.WebCore             	0x0000000112629f65 WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*, double) + 53 (ResourceLoader.cpp:638)
41  com.apple.WebCore             	0x0000000112a5df4c WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didFinishLoading() + 236 (SynchronousResourceHandleCFURLConnectionDelegate.cpp:208)
42  com.apple.WebCore             	0x00000001126240cd WebCore::ResourceHandleCFURLConnectionDelegate::didFinishLoadingCallback(_CFURLConnection*, void const*) + 29 (ResourceHandleCFURLConnectionDelegate.cpp:88)
43  com.apple.CFNetwork           	0x000000010df02fbe ___ZN27URLConnectionClient_Classic26_delegate_didFinishLoadingEU13block_pointerFvvE_block_invoke + 104
44  com.apple.CFNetwork           	0x000000010dff0965 ___ZN27URLConnectionClient_Classic18_withDelegateAsyncEPKcU13block_pointerFvP16_CFURLConnectionPK33CFURLConnectionClientCurrent_VMaxE_block_invoke_2 + 100
45  libdispatch.dylib             	0x000000011df7e4a7 _dispatch_client_callout + 8
46  libdispatch.dylib             	0x000000011df65223 _dispatch_block_invoke + 408
47  com.apple.CFNetwork           	0x000000010deef1ac RunloopBlockContext::_invoke_block(void const*, void*) + 24
48  com.apple.CoreFoundation      	0x000000010e36eee4 CFArrayApplyFunction + 68
49  com.apple.CFNetwork           	0x000000010deef0a5 RunloopBlockContext::perform() + 137
50  com.apple.CFNetwork           	0x000000010deeef5e MultiplexerSource::perform() + 282
51  com.apple.CFNetwork           	0x000000010deeed80 MultiplexerSource::_perform(void*) + 72
52  com.apple.CoreFoundation      	0x000000010e39ba31 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
53  com.apple.CoreFoundation      	0x000000010e39195c __CFRunLoopDoSources0 + 556
54  com.apple.CoreFoundation      	0x000000010e390e13 __CFRunLoopRun + 867
55  com.apple.CoreFoundation      	0x000000010e390828 CFRunLoopRunSpecific + 488
56  com.apple.WebCore             	0x0000000112c3c790 RunWebThread(void*) + 752 (WebCoreThread.mm:691)
57  libsystem_pthread.dylib       	0x000000011e2b1c13 _pthread_body + 131
58  libsystem_pthread.dylib       	0x000000011e2b1b90 _pthread_start + 168
59  libsystem_pthread.dylib       	0x000000011e2af375 thread_start + 13
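
Added example (not part of the bug report and not WebKit code): a small triage helper that separates a deliberate assertion crash from an unexplained fault. WTFCrash() writes to 0xbbadbeef, which is why that address appears in the exception codes above. The names `triage`, `crashed_frames` and `SAMPLE` are hypothetical, and the sample is abridged from this report.

```python
import re

WTF_CRASH_ADDRESS = 0xBBADBEEF  # address WTFCrash() writes to on a failed ASSERT

# Constructed sample: abridged from the crash report in this bug.
SAMPLE = """\
Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x00000000bbadbeef

Thread 0:: Dispatch queue: com.apple.main-thread
0   libsystem_kernel.dylib   0x000000011e2e7386 mach_msg_trap + 10

Thread 3 Crashed:: WebThread
0   JavaScriptCore   0x00000001194c1f77 WTFCrash + 39 (Assertions.cpp:321)
1   JavaScriptCore   0x000000011950a679 WTF::RunLoop::main() + 57 (RunLoop.cpp:65)
2   com.apple.WebCore   0x000000011212892d WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource() + 397 (MockRealtimeVideoSource.cpp:60)
"""

FAULT_RE = re.compile(r"^Exception Codes:.*\bat (0x[0-9a-fA-F]+)", re.M)
THREAD_RE = re.compile(r"^Thread (\d+)( Crashed)?:(?::\s*(.*))?$")
FRAME_RE = re.compile(r"^\d+\s+(\S+)\s+0x[0-9a-fA-F]+\s+(.*?) \+ \d+(?: \((.+)\))?$")


def crashed_frames(report):
    """Return (thread_name, [(image, symbol, source)]) for the crashed thread."""
    name, frames, in_crashed = None, [], False
    for line in report.splitlines():
        header = THREAD_RE.match(line)
        if header:
            in_crashed = bool(header.group(2))
            if in_crashed:
                name = header.group(3)
        elif in_crashed and (frame := FRAME_RE.match(line)):
            frames.append(frame.groups())
    return name, frames


def triage(report):
    """Classify a crash as a WTF assertion or as a fault needing review."""
    fault = FAULT_RE.search(report)
    address = int(fault.group(1), 16) if fault else None
    thread, frames = crashed_frames(report)
    is_assert = (address == WTF_CRASH_ADDRESS
                 and bool(frames) and frames[0][1].startswith("WTFCrash"))
    # Frame 0 is WTFCrash itself; frame 1 asserted; frame 2 is its caller.
    return {
        "kind": "assertion" if is_assert else "needs-review",
        "thread": thread,
        "asserting": frames[1][1] if is_assert and len(frames) > 1 else None,
        "caller": frames[2][2] if is_assert and len(frames) > 2 else None,
    }
```

A report whose fault address is anything other than 0xbbadbeef, or whose top frame is not WTFCrash, comes back as "needs-review" and should be examined as a possible memory-safety fault.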
Comment 1 Jiewen Tan 2016-01-13 22:25:02 PST
<rdar://problem/24183105>
Comment 2 Eric Carlson 2016-01-14 08:38:05 PST
Assert happens when creating a runloop timer on the Web thread. Assert is:

RunLoop& RunLoop::main()
{
    ASSERT(s_mainRunLoop);
    return *s_mainRunLoop;
}

Is it not possible to use a runloop timer on the WebThread?
Comment 3 David Kilzer (:ddkilzer) 2016-01-14 11:28:49 PST
(In reply to comment #2)
> Assert happens when creating a runloop timer on the Web thread. Assert is:
> 
> RunLoop& RunLoop::main()
> {
>     ASSERT(s_mainRunLoop);
>     return *s_mainRunLoop;
> }
> 
> Is it not possible to use a runloop timer on the WebThread?

I think it is possible, but there may be a "special" way to do it. (And I remember there being caveats, but not exactly what they were.)

This is stating the obvious (probably not helpful), but you want to use a WebThread runloop, not a main thread runloop, if you're going to spin it on the WebThread.
Comment 4 Eric Carlson 2016-01-14 14:14:30 PST
(In reply to comment #3)
> (In reply to comment #2)
> > Assert happens when creating a runloop timer on the Web thread. Assert is:
> > 
> > RunLoop& RunLoop::main()
> > {
> >     ASSERT(s_mainRunLoop);
> >     return *s_mainRunLoop;
> > }
> > 
> > Is it not possible to use a runloop timer on the WebThread?
> 
> > I think it is possible, but there may be a "special" way to do it.  (And I
> > remember there being caveats, but not exactly what they were.)
> 
> This is stating the obvious (probably not helpful), but you want to use a
> WebThread runloop, not a main thread runloop, if you're going to spin it on
> the WebThread.

Of course, I should be passing "RunLoop::current()" instead of "RunLoop::main()" to the timer constructor.
Comment 5 Eric Carlson 2016-01-16 13:59:11 PST
Created attachment 269179 [details]
Proposed patch.
Comment 6 Darin Adler 2016-01-18 18:40:57 PST
Comment on attachment 269179 [details]
Proposed patch.

View in context: https://bugs.webkit.org/attachment.cgi?id=269179&action=review

> Source/WebCore/ChangeLog:13
> +        (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): Create the timer with RunLoop::current
> +          instead of RunLoop::main.
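
Review bot: The ChangeLog entry for WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource records what was changed but not the reason. Suggest adding that the constructor can run on the WebThread in iOS WK1, where RunLoop::main() hits ASSERT(s_mainRunLoop), as the crash log and comment 2 in this bug show, so the timer has to be created with the run loop of the thread it is created on.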

Why?
Comment 7 WebKit Commit Bot 2016-01-18 19:28:37 PST
Comment on attachment 269179 [details]
Proposed patch.

Clearing flags on attachment: 269179

Committed r195244: <http://trac.webkit.org/changeset/195244>
Comment 8 WebKit Commit Bot 2016-01-18 19:28:41 PST
All reviewed patches have been landed.  Closing bug.